Subscribe

Browse this Topic

Expand Topic...

EDUCAUSE IT Governance, Risk, and Compliance Program

Governance, risk, and compliance (GRC) issues increasingly pervade higher education information technology. As institutional investment in IT and reliance on information systems have grown, so has the need for reliable structures and measures to ensure success and minimize failure.

IT GRC programs develop a framework for the leadership, organization, and operation of an institution's IT programs. This framework can be used by IT staff to ensure that their programs support and enable the institution's strategic objectives. The EDUCAUSE IT GRC program provides resources that help you define and implement IT GRC activities on your own campus.

A member advisory board, member working groups, and representatives from complementary organizations advise EDUCAUSE in the development of best practices, toolkits, and case studies. EDUCAUSE-conducted research will benchmark how higher education institutions are currently approaching IT GRC practices. New resources will be added to this page as they are developed.

To learn more or to contribute to the higher education IT GRC body of knowledge, contact us at GRC@educause.edu

Risk

Questions about IT Governance, Risk, and Compliance Answered, EDUCAUSE Review, October 27, 2014. To offer insights into the difficulties and opportunities inherent in IT GRC programs in higher education, the author asked members of the advisory committee to tackle some key questions for EDUCAUSE readers.

Governance

The Foundations of a High-Performance ITS Organization, EDUCAUSE Live! May 2014. This webinar explores how to develop a framework for an IT strategic planning process and implement it, how to design a governance structure for Project Portfolio Management and implement a PPM model, and how to implement a process to craft vision and mission statements for the organization.

Governance, Risk, and Compliance: Why Now? EDUCAUSE Review, December 6, 2013. Governance, risk, and compliance (GRC) programs intend to develop a framework for the leadership, organization, and operation of the institution's IT areas to ensure that those areas support and enable the institution's strategic objectives.

For additional resources see the library Items tab on the "IT Governance" page

Compliance

Higher Education IT Compliance through the Prism of Risk Controls,EDUCAUSE Review, December 6, 2013. Only through collaborative compliance and risk discussions can appropriate decisions be made about both the everyday activities and the transformative new technologies that are or will be available to the higher education institution of 2020.

Questions about IT Governance, Risk, and Compliance Answered, EDUCAUSE Review, October 27, 2014. To offer insights into the difficulties and opportunities inherent in IT GRC programs in higher education, the author asked members of the advisory committee to tackle some key questions for EDUCAUSE readers.

The Foundations of a High-Performance ITS Organization, EDUCAUSE Live! May 2014. This webinar explores how to develop a framework for an IT strategic planning process and implement it, how to design a governance structure for Project Portfolio Management and implement a PPM model, and how to implement a process to craft vision and mission statements for the organization.

Higher Education Compliance Alliance, was created by the National Association of College and University Attorneys (NACUA), in partnership with thirty other higher education associations, to provide the higher education community with a centralized repository of information and resources for compliance with federal laws and regulations.

For additional resources see the library Items tab on the "Compliance" page